SlideShare a Scribd company logo

Fundamentals of Information Systems Security Chapter 7

Download as PPTX, PDF
Dr. Ahmed Al Zaidy
Dr. Ahmed Al Zaidy

Chapter 7: Auditing, Testing, and Monitoring

Education
1 of 45
© 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Lesson 7 Auditing, Testing, and Monitoring
Page 2Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 2Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Learning Objective(s)  Explain the importance of security audits, testing, and monitoring in an IT infrastructure.
Page 3Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 3Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Concepts  Practices and principles of security audits  Ways to monitor systems  Capturing and analyzing log data  Assessing an organization’s security compliance  Monitoring and testing security systems
Page 4Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 4Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Auditing, Testing, and Monitoring  A security audit is a crucial type of evaluation to avoid a data breach  Auditing a computer system involves checking to see how its operation has met security goals  Audit tests may be manual or automated  Before you can determine whether something has worked, you must first define how it’s supposed to work • Known as assessing a system
Page 5Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 5Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Auditing and Analysis Are security policies sound and appropriate for the business or activity? Are there controls supporting your policies? Is there effective implementation and upkeep of controls?
Page 6Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 6Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Controls Address Risk
Page 7Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 7Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Determining What Is Acceptable  Define acceptable and unacceptable actions  Create standards based on those developed or endorsed by standards bodies  Communications and other actions permitted by a policy document are acceptable  Communications and other actions specifically banned in your security policy are unacceptable
Page 8Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 8Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Areas of Security Audits Large in scope and cover entire departments or business functions Narrow and address only one specific system or control
Page 9Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 9Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Purpose of Audits Appropriateness of controls • Is the level of security control suitable for the risk it addresses? Correct installation of controls • Is the security control in the right place and working well? Address purpose of controls • Is the security control effective in addressing the risk it was designed to address?
Page 10Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 10Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Service Organization Control (SOC) Reports Report Type Contents Audience SOC 1 Internal controls over financial reporting  Users and auditors  Organizations that must comply with SOX or the GLBA SOC 2 Security (confidentiality, integrity, availability) and privacy controls  Management, regulators, stakeholders  Service providers, hosted data centers, managed cloud computing providers SOC 3 Security (confidentiality, integrity, availability) and privacy controls  Public  Customers of SOC 2 service providers
Page 11Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 11Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Defining Your Audit Plan Define objectives; determine which systems or business processes to review Define which areas of assurance to check Identify personnel who will participate in the audit
Page 12Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 12Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Defining the Scope of the Plan Survey the site(s) Review documentation Review risk analysis output Review server and application logs Review incident logs Review results of penetration tests
Page 13Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 13Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Audit Scope and the Seven Domains of the IT Infrastructure
Page 14Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 14Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Auditing Benchmarks Benchmark—The standard to which your system is compared to determine whether it is securely configured • ISO 27002—ISO 27002 • NIST Cybersecurity Framework (CSF) • ITIL (Information Technology Infrastructure Library) • Control Objectives for Information and related Technology (COBIT) • Committee of Sponsoring Organizations (COSO)
Page 15Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 15Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Audit Data Collection Methods Questionnaires Interviews Observation Checklists Reviewing documentation Reviewing configurations Reviewing policy Performing security testing
Page 16Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 16Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Areas Included in Audit Plan Area Audit Goal Antivirus software Up-to-date, universal application System access policies Current with technology Intrusion detection and event monitoring systems Log reviews System-hardening policies Ports, services Cryptographic controls Key management, usage (network encryption of sensitive data) Contingency planning Business continuity plan (BCP), disaster recovery plan (DRP), and continuity of operations plan (COOP)
Page 17Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 17Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Areas Included in Audit Plan (cont.) Area Audit Goal Hardware and software maintenance Maintenance agreements, servicing, forecasting of future needs Physical security Doors locked, power supplies monitored Access control Need to know, least privilege Change control processes for configuration management Documented, no unauthorized changes Media protection Age of media, labeling, storage, transportation
Page 18Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 18Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Control Checks and Identity Management  Approval process: Who grants approval for access requests?  Authentication mechanisms: What mechanisms are used for specific security requirements?  Password policy and enforcement: Does the organization have an effective password policy and is it uniformly enforced?  Monitoring: Does the organization have sufficient monitoring systems to detect unauthorized access?  Remote access systems: Are all systems properly secured with strong authentication?
Page 19Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 19Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Post-Audit Activities  Exit interview  Data analysis  Generation of audit report • Findings • Recommendations • Timeline for implementation • Level of risk • Management response • Follow-up  Presentation of findings
Page 20Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 20Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Monitoring Baselines Alarms, alerts, and trends Closed-circuit TV Systems that spot irregular behavior
Page 21Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 21Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Monitoring for Computer Systems • Host IDS • System integrity monitoring • Data loss prevention (DLP) Real-time monitoring • Application logging • System logging Non-real-time monitoring • Host-based activity • Network and network devicesLog activities
Page 22Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 22Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Log Information to Capture • General operating system and application software eventsEvent logs • Access requests to resourcesAccess logs • Security-related eventsSecurity logs • Defined events that provide additional input to audit activitiesAudit logs
Page 23Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 23Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Log Information
Page 24Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 24Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. How to Verify Security Controls Controls that monitor activity IDSs IPSs Firewalls
Page 25Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 25Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. IDS as a Firewall Complement
Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Basic NIDS as a Firewall Complement
Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Analysis Methods • Rule-based detection • Rely on pattern matching and stateful matching Pattern- or signature-based IDSs • Profile-based systems Anomaly-based IDSs • Statistical-based methods • Traffic-based methods • Protocol patterns Common methods of detecting anomalies
Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. HIDS  Software processes or services designed to run on server computers  Intercept and examine system calls or specific processes for patterns or behaviors that should not normally be allowed  HIDS daemons can take a predefined action such as stopping or reporting the infraction  Detect inappropriate traffic that originates inside the network  Recognize an anomaly that is specific to a particular machine or user
Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Layered Defense: Network Access Control
Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Using NIDS Devices to Monitor Outside Attacks
Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Host Isolation and the DMZ
Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. System Hardening  Turn off or disable unnecessary services; protect ones that are still running  Secure management interfaces and applications  Protect passwords through aggressive password policies  Disable unnecessary user accounts  Apply the latest software patches available  Secure all computers/devices from unauthorized changes  Disable unused network interfaces  Disable unused application service ports  Use MAC filtering to limit device access  Implement 802.1x, PNAC
Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Monitoring and Testing Security Systems Common risks are: • Attackers who come in from outside, with unauthorized access, malicious code, Trojans, and malware • Sensitive information leaking from inside the organization to unauthorized people who can damage your organization
Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Monitoring Monitor traffic with an IDS, which identifies abnormal traffic for further investigation Use an IPS to actively block malicious traffic
Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Testing
Page 36Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 36Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Testing Road Map
Page 37Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 37Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Establishing Testing Goals and Reconnaissance Methods  Establish testing goals • Identify vulnerabilities and rank them according to how critical they are to your systems • Document a point-in-time (snapshot) test for comparison to other time periods • Prepare for auditor review • Find the gaps in your security  Reconnaissance methods • Social engineering • Whois service • Zone transfer
Page 38Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 38Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Network Mapping
Page 39Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 39Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Network Mapping with ICMP (Ping)
Page 40Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 40Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Network Mapping with TCP/SYN Scans
Page 41Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 41Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Operating System Fingerprinting
Page 42Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 42Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Testing Methods Black-box testing • Uses test methods that aren’t based directly on knowledge of a program’s architecture or design White-box testing • Is based on knowledge of the application’s design and source code Gray-box testing • Lies somewhere between black-box testing and white- box testing
Page 43Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 43Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Covert versus Overt Testers
Page 44Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 44Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Testing Tips and Techniques Choose the right tool Tools make mistakes Protect your systems Tests should be as “real” as possible
Page 45Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 45Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary  Practices and principles of security audits  Ways to monitor systems  Capturing and analyzing log data  Assessing an organization’s security compliance  Monitoring and testing security systems

Recommended

Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 

Recommended

Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Fundamentals of Information Systems Security Chapter 9
Fundamentals of Information Systems Security Chapter 9Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Fundamentals of Information Systems Security Chapter 8
Fundamentals of Information Systems Security Chapter 8Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Fundamentals of Information Systems Security Chapter 10
Fundamentals of Information Systems Security Chapter 10Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Fundamentals of Information Systems Security Chapter 4
Fundamentals of Information Systems Security Chapter 4Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Fundamentals of Information Systems Security Chapter 5
Fundamentals of Information Systems Security Chapter 5Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Fundamentals of Information Systems Security Chapter 6
Fundamentals of Information Systems Security Chapter 6Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Fundamentals of Information Systems Security Chapter 12
Fundamentals of Information Systems Security Chapter 12Dr. Ahmed Al Zaidy
 
Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Fundamentals of Information Systems Security Chapter 2
Fundamentals of Information Systems Security Chapter 2 Dr. Ahmed Al Zaidy
 
ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemMuhammad Faisal Naqvi, CISSP, CISA, AMBCI, ITIL, ISMS LA n Master
 
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Dr. Ahmed Al Zaidy
 
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...himalya sharma
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Dr. Ahmed Al Zaidy
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubKaushal Trivedi
 
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityLegal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityCarl Ceder
 
Cyber Security Organizational Operating Model and Governance
Cyber Security Organizational Operating Model and GovernanceCyber Security Organizational Operating Model and Governance
Cyber Security Organizational Operating Model and GovernanceSrinidhi Aithal
 
Security & Compliance
Security & ComplianceSecurity & Compliance
Security & ComplianceAmazon Web Services
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Edureka!
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management SystemDaniel Suchy, CPP, MSyI
 
Lesson 3
Lesson 3Lesson 3
Lesson 3MLG College of Learning, Inc
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Dr. Ahmed Al Zaidy
 
IT General Controls
IT General ControlsIT General Controls
IT General ControlsCicero Ray Rufino
 
Understanding IT Governance and Risk Management
Understanding IT Governance and Risk ManagementUnderstanding IT Governance and Risk Management
Understanding IT Governance and Risk Managementjiricejka
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005ControlCase
 
The information security audit
The information security auditThe information security audit
The information security auditDhani Ahmad
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical SecurityJorge Sebastiao
 
How AI is Making Contract Management Easier and More Effective
How AI is Making Contract Management Easier and More EffectiveHow AI is Making Contract Management Easier and More Effective
How AI is Making Contract Management Easier and More EffectiveSirionLabs
 
Funsec3e ppt ch07
Funsec3e ppt ch07Funsec3e ppt ch07
Funsec3e ppt ch07Skillspire LLC
 
Funsec3e ppt ch06
Funsec3e ppt ch06Funsec3e ppt ch06
Funsec3e ppt ch06Skillspire LLC
 

More Related Content

What's hot

Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Dr. Ahmed Al Zaidy
 
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...himalya sharma
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Dinesh O Bareja
 
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Dr. Ahmed Al Zaidy
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubKaushal Trivedi
 
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityLegal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityCarl Ceder
 
Cyber Security Organizational Operating Model and Governance
Cyber Security Organizational Operating Model and GovernanceCyber Security Organizational Operating Model and Governance
Cyber Security Organizational Operating Model and GovernanceSrinidhi Aithal
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Edureka!
 
Information security management system
Information security management systemInformation security management system
Information security management systemArani Srinivasan
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Dr. Ahmed Al Zaidy
 
Understanding IT Governance and Risk Management
Understanding IT Governance and Risk ManagementUnderstanding IT Governance and Risk Management
Understanding IT Governance and Risk Managementjiricejka
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005ControlCase
 
The information security audit
The information security auditThe information security audit
The information security auditDhani Ahmad
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical SecurityJorge Sebastiao
 
How AI is Making Contract Management Easier and More Effective
How AI is Making Contract Management Easier and More EffectiveHow AI is Making Contract Management Easier and More Effective
How AI is Making Contract Management Easier and More EffectiveSirionLabs
 

What's hot (20)

ISO 27001 - Information Security Management System
ISO 27001 - Information Security Management SystemISO 27001 - Information Security Management System
ISO 27001 - Information Security Management System
 
Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3Fundamentals of Information Systems Security Chapter 3
Fundamentals of Information Systems Security Chapter 3
 
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
ISO 27001 checklist - Leadership and Commitment - clause 5.1 - 70 checklist Q...
 
Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing Basics in IT Audit and Application Control Testing
Basics in IT Audit and Application Control Testing
 
Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1Fundamentals of Information Systems Security Chapter 1
Fundamentals of Information Systems Security Chapter 1
 
IT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit ClubIT General Controls Presentation at IIA Vadodara Audit Club
IT General Controls Presentation at IIA Vadodara Audit Club
 
Legal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information SecurityLegal, Ethical, and Professional Issues In Information Security
Legal, Ethical, and Professional Issues In Information Security
 
Cyber Security Organizational Operating Model and Governance
Cyber Security Organizational Operating Model and GovernanceCyber Security Organizational Operating Model and Governance
Cyber Security Organizational Operating Model and Governance
 
Security & Compliance
Security & ComplianceSecurity & Compliance
Security & Compliance
 
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
Cybersecurity Tools | Popular Tools for Cybersecurity Threats | Cybersecurity...
 
Information security management system
Information security management systemInformation security management system
Information security management system
 
Physical Security Management System
Physical Security Management SystemPhysical Security Management System
Physical Security Management System
 
Lesson 3
Lesson 3Lesson 3
Lesson 3
 
Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11Fundamentals of Information Systems Security Chapter 11
Fundamentals of Information Systems Security Chapter 11
 
IT General Controls
IT General ControlsIT General Controls
IT General Controls
 
Understanding IT Governance and Risk Management
Understanding IT Governance and Risk ManagementUnderstanding IT Governance and Risk Management
Understanding IT Governance and Risk Management
 
Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005Information Security Management System ISO/IEC 27001:2005
Information Security Management System ISO/IEC 27001:2005
 
The information security audit
The information security auditThe information security audit
The information security audit
 
Integrating Physical And Logical Security
Integrating Physical And Logical SecurityIntegrating Physical And Logical Security
Integrating Physical And Logical Security
 
How AI is Making Contract Management Easier and More Effective
How AI is Making Contract Management Easier and More EffectiveHow AI is Making Contract Management Easier and More Effective
How AI is Making Contract Management Easier and More Effective
 

Similar to Fundamentals of Information Systems Security Chapter 7

cryptography.pptx
cryptography.pptxcryptography.pptx
cryptography.pptxMhndHTaani
 
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptxDr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptxMhndHTaani
 
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14Dr. Ahmed Al Zaidy
 
info-sys-security3.pptx
info-sys-security3.pptxinfo-sys-security3.pptx
info-sys-security3.pptxMhndHTaani
 
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Dr. Ahmed Al Zaidy
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionMike Wons
 
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13Dr. Ahmed Al Zaidy
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftOSIsoft, LLC
 
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]TrustArc
 
Martin Huddleston: No Service Management, No Security
Martin Huddleston: No Service Management, No SecurityMartin Huddleston: No Service Management, No Security
Martin Huddleston: No Service Management, No SecurityitSMF UK
 
Understanding Federal IT Compliance in Three Steps - SharePoint Fest DC
Understanding Federal IT Compliance in Three Steps - SharePoint Fest DCUnderstanding Federal IT Compliance in Three Steps - SharePoint Fest DC
Understanding Federal IT Compliance in Three Steps - SharePoint Fest DCAdam Levithan
 
Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...
Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...
Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...Amazon Web Services
 
Business Goals and Constraints.” Please respond to the following.docx
Business Goals and Constraints.” Please respond to the following.docxBusiness Goals and Constraints.” Please respond to the following.docx
Business Goals and Constraints.” Please respond to the following.docxfelicidaddinwoodie
 
The Value of Using Security Policy Orchestration and Automation for Improving...
The Value of Using Security Policy Orchestration and Automation for Improving...The Value of Using Security Policy Orchestration and Automation for Improving...
The Value of Using Security Policy Orchestration and Automation for Improving...Enterprise Management Associates
 

Similar to Fundamentals of Information Systems Security Chapter 7 (20)

Funsec3e ppt ch07
Funsec3e ppt ch07Funsec3e ppt ch07
Funsec3e ppt ch07
 
Funsec3e ppt ch06
Funsec3e ppt ch06Funsec3e ppt ch06
Funsec3e ppt ch06
 
cryptography.pptx
cryptography.pptxcryptography.pptx
cryptography.pptx
 
Funsec3e ppt ch05
Funsec3e ppt ch05Funsec3e ppt ch05
Funsec3e ppt ch05
 
Dr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptxDr_Kamal_ch01.pptx
Dr_Kamal_ch01.pptx
 
Funsec3e ppt ch03
Funsec3e ppt ch03Funsec3e ppt ch03
Funsec3e ppt ch03
 
Funsec3e ppt ch14
Funsec3e ppt ch14Funsec3e ppt ch14
Funsec3e ppt ch14
 
Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14Fundamentals of Information Systems Security Chapter 14
Fundamentals of Information Systems Security Chapter 14
 
Funsec3e ppt ch11
Funsec3e ppt ch11Funsec3e ppt ch11
Funsec3e ppt ch11
 
info-sys-security3.pptx
info-sys-security3.pptxinfo-sys-security3.pptx
info-sys-security3.pptx
 
Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15Fundamentals of Information Systems Security Chapter 15
Fundamentals of Information Systems Security Chapter 15
 
Proactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital DisruptionProactive Risk Management and Compliance in a World of Digital Disruption
Proactive Risk Management and Compliance in a World of Digital Disruption
 
Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13Fundamentals of Information Systems Security Chapter 13
Fundamentals of Information Systems Security Chapter 13
 
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoftHow Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
How Facility Controls Systems Present Cybersecurity Challenges - OSIsoft
 
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
What the GDPR Means for your Cybersecurity Strategy [Webinar Slides]
 
Martin Huddleston: No Service Management, No Security
Martin Huddleston: No Service Management, No SecurityMartin Huddleston: No Service Management, No Security
Martin Huddleston: No Service Management, No Security
 
Understanding Federal IT Compliance in Three Steps - SharePoint Fest DC
Understanding Federal IT Compliance in Three Steps - SharePoint Fest DCUnderstanding Federal IT Compliance in Three Steps - SharePoint Fest DC
Understanding Federal IT Compliance in Three Steps - SharePoint Fest DC
 
Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...
Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...
Security Observability: Democratizing Security in the Cloud (DEV206-S) - AWS ...
 
Business Goals and Constraints.” Please respond to the following.docx
Business Goals and Constraints.” Please respond to the following.docxBusiness Goals and Constraints.” Please respond to the following.docx
Business Goals and Constraints.” Please respond to the following.docx
 
The Value of Using Security Policy Orchestration and Automation for Improving...
The Value of Using Security Policy Orchestration and Automation for Improving...The Value of Using Security Policy Orchestration and Automation for Improving...
The Value of Using Security Policy Orchestration and Automation for Improving...
 

More from Dr. Ahmed Al Zaidy

Chapter 14 Exploring Object-based Programming
Chapter 14 Exploring Object-based ProgrammingChapter 14 Exploring Object-based Programming
Chapter 14 Exploring Object-based ProgrammingDr. Ahmed Al Zaidy
 
Chapter 13 Programming for web forms
Chapter 13 Programming for web formsChapter 13 Programming for web forms
Chapter 13 Programming for web formsDr. Ahmed Al Zaidy
 
Chapter 12 Working with Document nodes and style sheets
Chapter 12 Working with Document nodes and style sheetsChapter 12 Working with Document nodes and style sheets
Chapter 12 Working with Document nodes and style sheetsDr. Ahmed Al Zaidy
 
Chapter 11 Working with Events and Styles
Chapter 11 Working with Events and StylesChapter 11 Working with Events and Styles
Chapter 11 Working with Events and StylesDr. Ahmed Al Zaidy
 
Chapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statementsChapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statementsDr. Ahmed Al Zaidy
 
Chapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScriptChapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScriptDr. Ahmed Al Zaidy
 
Chapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimediaChapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimediaDr. Ahmed Al Zaidy
 
Chapter 7 Designing a web form
Chapter 7 Designing a web formChapter 7 Designing a web form
Chapter 7 Designing a web formDr. Ahmed Al Zaidy
 
Chapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and ColumnsChapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and ColumnsDr. Ahmed Al Zaidy
 
Chapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile webChapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile webDr. Ahmed Al Zaidy
 
Chapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSSChapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSSDr. Ahmed Al Zaidy
 
Chapter 3 Designing a Page Layout
Chapter 3 Designing a Page LayoutChapter 3 Designing a Page Layout
Chapter 3 Designing a Page LayoutDr. Ahmed Al Zaidy
 
Chapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSSChapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSSDr. Ahmed Al Zaidy
 
Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5Dr. Ahmed Al Zaidy
 
testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2Dr. Ahmed Al Zaidy
 
Chapter 14 Business Continuity
Chapter 14 Business ContinuityChapter 14 Business Continuity
Chapter 14 Business ContinuityDr. Ahmed Al Zaidy
 
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data SecurityChapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data SecurityDr. Ahmed Al Zaidy
 

More from Dr. Ahmed Al Zaidy (20)

Chapter 14 Exploring Object-based Programming
Chapter 14 Exploring Object-based ProgrammingChapter 14 Exploring Object-based Programming
Chapter 14 Exploring Object-based Programming
 
Chapter 13 Programming for web forms
Chapter 13 Programming for web formsChapter 13 Programming for web forms
Chapter 13 Programming for web forms
 
Chapter 12 Working with Document nodes and style sheets
Chapter 12 Working with Document nodes and style sheetsChapter 12 Working with Document nodes and style sheets
Chapter 12 Working with Document nodes and style sheets
 
Chapter 11 Working with Events and Styles
Chapter 11 Working with Events and StylesChapter 11 Working with Events and Styles
Chapter 11 Working with Events and Styles
 
Chapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statementsChapter 10 Exploring arrays, loops, and conditional statements
Chapter 10 Exploring arrays, loops, and conditional statements
 
Chapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScriptChapter 9 Getting Started with JavaScript
Chapter 9 Getting Started with JavaScript
 
Chapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimediaChapter 8 Enhancing a website with multimedia
Chapter 8 Enhancing a website with multimedia
 
Chapter 7 Designing a web form
Chapter 7 Designing a web formChapter 7 Designing a web form
Chapter 7 Designing a web form
 
Chapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and ColumnsChapter 6 Working with Tables and Columns
Chapter 6 Working with Tables and Columns
 
Chapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile webChapter 5 Designing for the mobile web
Chapter 5 Designing for the mobile web
 
Chapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSSChapter 4 Graphic Design with CSS
Chapter 4 Graphic Design with CSS
 
Chapter 3 Designing a Page Layout
Chapter 3 Designing a Page LayoutChapter 3 Designing a Page Layout
Chapter 3 Designing a Page Layout
 
Chapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSSChapter 2 Getting Started with CSS
Chapter 2 Getting Started with CSS
 
Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5Chapter 1 Getting Started with HTML5
Chapter 1 Getting Started with HTML5
 
Integer overflows
Integer overflowsInteger overflows
Integer overflows
 
testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2testing throughout-the-software-life-cycle-section-2
testing throughout-the-software-life-cycle-section-2
 
Fundamental of testing
Fundamental of testingFundamental of testing
Fundamental of testing
 
Chapter 15 Risk Mitigation
Chapter 15 Risk MitigationChapter 15 Risk Mitigation
Chapter 15 Risk Mitigation
 
Chapter 14 Business Continuity
Chapter 14 Business ContinuityChapter 14 Business Continuity
Chapter 14 Business Continuity
 
Chapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data SecurityChapter 13 Vulnerability Assessment and Data Security
Chapter 13 Vulnerability Assessment and Data Security
 

Recently uploaded

Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfsanyamsingh5019
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting DataJhengPantaleon
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsKarinaGenton
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxheathfieldcps1
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Sapana Sha
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991RKavithamani
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon AUnboundStockton
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxRoyAbrique
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Educationpboyjonauth
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersChitralekhaTherkar
 

Recently uploaded (20)

Sanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdfSanyam Choudhary Chemistry practical.pdf
Sanyam Choudhary Chemistry practical.pdf
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data_Math 4-Q4 Week 5.pptx Steps in Collecting Data
_Math 4-Q4 Week 5.pptx Steps in Collecting Data
 
The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
Science 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its CharacteristicsScience 7 - LAND and SEA BREEZE and its Characteristics
Science 7 - LAND and SEA BREEZE and its Characteristics
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
The basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptxThe basics of sentences session 2pptx copy.pptx
The basics of sentences session 2pptx copy.pptx
 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
 
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111Call Girls in Dwarka Mor Delhi Contact Us 9654467111
Call Girls in Dwarka Mor Delhi Contact Us 9654467111
 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
 
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
Industrial Policy - 1948, 1956, 1973, 1977, 1980, 1991
 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Crayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon ACrayon Activity Handout For the Crayon A
Crayon Activity Handout For the Crayon A
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptxContemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
Contemporary philippine arts from the regions_PPT_Module_12 [Autosaved] (1).pptx
 
Introduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher EducationIntroduction to ArtificiaI Intelligence in Higher Education
Introduction to ArtificiaI Intelligence in Higher Education
 
Micromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of PowdersMicromeritics - Fundamental and Derived Properties of Powders
Micromeritics - Fundamental and Derived Properties of Powders
 

Fundamentals of Information Systems Security Chapter 7

  • 1. © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Fundamentals of Information Systems Security Lesson 7 Auditing, Testing, and Monitoring
  • 2. Page 2Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 2Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Learning Objective(s)  Explain the importance of security audits, testing, and monitoring in an IT infrastructure.
  • 3. Page 3Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 3Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Key Concepts  Practices and principles of security audits  Ways to monitor systems  Capturing and analyzing log data  Assessing an organization’s security compliance  Monitoring and testing security systems
  • 4. Page 4Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 4Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Auditing, Testing, and Monitoring  A security audit is a crucial type of evaluation to avoid a data breach  Auditing a computer system involves checking to see how its operation has met security goals  Audit tests may be manual or automated  Before you can determine whether something has worked, you must first define how it’s supposed to work • Known as assessing a system
  • 5. Page 5Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 5Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Auditing and Analysis Are security policies sound and appropriate for the business or activity? Are there controls supporting your policies? Is there effective implementation and upkeep of controls?
  • 6. Page 6Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 6Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Controls Address Risk
  • 7. Page 7Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 7Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Determining What Is Acceptable  Define acceptable and unacceptable actions  Create standards based on those developed or endorsed by standards bodies  Communications and other actions permitted by a policy document are acceptable  Communications and other actions specifically banned in your security policy are unacceptable
  • 8. Page 8Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 8Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Areas of Security Audits Large in scope and cover entire departments or business functions Narrow and address only one specific system or control
  • 9. Page 9Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 9Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Purpose of Audits Appropriateness of controls • Is the level of security control suitable for the risk it addresses? Correct installation of controls • Is the security control in the right place and working well? Address purpose of controls • Is the security control effective in addressing the risk it was designed to address?
  • 10. Page 10Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 10Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Service Organization Control (SOC) Reports Report Type Contents Audience SOC 1 Internal controls over financial reporting  Users and auditors  Organizations that must comply with SOX or the GLBA SOC 2 Security (confidentiality, integrity, availability) and privacy controls  Management, regulators, stakeholders  Service providers, hosted data centers, managed cloud computing providers SOC 3 Security (confidentiality, integrity, availability) and privacy controls  Public  Customers of SOC 2 service providers
  • 11. Page 11Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 11Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Defining Your Audit Plan Define objectives; determine which systems or business processes to review Define which areas of assurance to check Identify personnel who will participate in the audit
  • 12. Page 12Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 12Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Defining the Scope of the Plan Survey the site(s) Review documentation Review risk analysis output Review server and application logs Review incident logs Review results of penetration tests
  • 13. Page 13Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 13Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Audit Scope and the Seven Domains of the IT Infrastructure
  • 14. Page 14Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 14Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Auditing Benchmarks Benchmark—The standard to which your system is compared to determine whether it is securely configured • ISO 27002—ISO 27002 • NIST Cybersecurity Framework (CSF) • ITIL (Information Technology Infrastructure Library) • Control Objectives for Information and related Technology (COBIT) • Committee of Sponsoring Organizations (COSO)
  • 15. Page 15Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 15Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Audit Data Collection Methods Questionnaires Interviews Observation Checklists Reviewing documentation Reviewing configurations Reviewing policy Performing security testing
  • 16. Page 16Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 16Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Areas Included in Audit Plan Area Audit Goal Antivirus software Up-to-date, universal application System access policies Current with technology Intrusion detection and event monitoring systems Log reviews System-hardening policies Ports, services Cryptographic controls Key management, usage (network encryption of sensitive data) Contingency planning Business continuity plan (BCP), disaster recovery plan (DRP), and continuity of operations plan (COOP)
  • 17. Page 17Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 17Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Areas Included in Audit Plan (cont.) Area Audit Goal Hardware and software maintenance Maintenance agreements, servicing, forecasting of future needs Physical security Doors locked, power supplies monitored Access control Need to know, least privilege Change control processes for configuration management Documented, no unauthorized changes Media protection Age of media, labeling, storage, transportation
  • 18. Page 18Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 18Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Control Checks and Identity Management  Approval process: Who grants approval for access requests?  Authentication mechanisms: What mechanisms are used for specific security requirements?  Password policy and enforcement: Does the organization have an effective password policy and is it uniformly enforced?  Monitoring: Does the organization have sufficient monitoring systems to detect unauthorized access?  Remote access systems: Are all systems properly secured with strong authentication?
  • 19. Page 19Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 19Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Post-Audit Activities  Exit interview  Data analysis  Generation of audit report • Findings • Recommendations • Timeline for implementation • Level of risk • Management response • Follow-up  Presentation of findings
  • 20. Page 20Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 20Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Monitoring Baselines Alarms, alerts, and trends Closed-circuit TV Systems that spot irregular behavior
  • 21. Page 21Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 21Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Monitoring for Computer Systems • Host IDS • System integrity monitoring • Data loss prevention (DLP) Real-time monitoring • Application logging • System logging Non-real-time monitoring • Host-based activity • Network and network devicesLog activities
  • 22. Page 22Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 22Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Log Information to Capture • General operating system and application software eventsEvent logs • Access requests to resourcesAccess logs • Security-related eventsSecurity logs • Defined events that provide additional input to audit activitiesAudit logs
  • 23. Page 23Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 23Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Types of Log Information
  • 24. Page 24Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 24Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. How to Verify Security Controls Controls that monitor activity IDSs IPSs Firewalls
  • 25. Page 25Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 25Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. IDS as a Firewall Complement
  • 26. Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 26Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Basic NIDS as a Firewall Complement
  • 27. Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 27Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Analysis Methods • Rule-based detection • Rely on pattern matching and stateful matching Pattern- or signature-based IDSs • Profile-based systems Anomaly-based IDSs • Statistical-based methods • Traffic-based methods • Protocol patterns Common methods of detecting anomalies
  • 28. Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 28Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. HIDS  Software processes or services designed to run on server computers  Intercept and examine system calls or specific processes for patterns or behaviors that should not normally be allowed  HIDS daemons can take a predefined action such as stopping or reporting the infraction  Detect inappropriate traffic that originates inside the network  Recognize an anomaly that is specific to a particular machine or user
  • 29. Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 29Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Layered Defense: Network Access Control
  • 30. Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 30Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Using NIDS Devices to Monitor Outside Attacks
  • 31. Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 31Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Host Isolation and the DMZ
  • 32. Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 32Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. System Hardening  Turn off or disable unnecessary services; protect ones that are still running  Secure management interfaces and applications  Protect passwords through aggressive password policies  Disable unnecessary user accounts  Apply the latest software patches available  Secure all computers/devices from unauthorized changes  Disable unused network interfaces  Disable unused application service ports  Use MAC filtering to limit device access  Implement 802.1x, PNAC
  • 33. Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 33Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Monitoring and Testing Security Systems Common risks are: • Attackers who come in from outside, with unauthorized access, malicious code, Trojans, and malware • Sensitive information leaking from inside the organization to unauthorized people who can damage your organization
  • 34. Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 34Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Monitoring Monitor traffic with an IDS, which identifies abnormal traffic for further investigation Use an IPS to actively block malicious traffic
  • 35. Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 35Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Testing
  • 36. Page 36Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 36Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Testing Road Map
  • 37. Page 37Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 37Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Establishing Testing Goals and Reconnaissance Methods  Establish testing goals • Identify vulnerabilities and rank them according to how critical they are to your systems • Document a point-in-time (snapshot) test for comparison to other time periods • Prepare for auditor review • Find the gaps in your security  Reconnaissance methods • Social engineering • Whois service • Zone transfer
  • 38. Page 38Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 38Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Network Mapping
  • 39. Page 39Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 39Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Network Mapping with ICMP (Ping)
  • 40. Page 40Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 40Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Network Mapping with TCP/SYN Scans
  • 41. Page 41Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 41Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Operating System Fingerprinting
  • 42. Page 42Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 42Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Testing Methods Black-box testing • Uses test methods that aren’t based directly on knowledge of a program’s architecture or design White-box testing • Is based on knowledge of the application’s design and source code Gray-box testing • Lies somewhere between black-box testing and white- box testing
  • 43. Page 43Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 43Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Covert versus Overt Testers
  • 44. Page 44Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 44Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Security Testing Tips and Techniques Choose the right tool Tools make mistakes Protect your systems Tests should be as “real” as possible
  • 45. Page 45Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Page 45Fundamentals of Information Systems Security © 2018 Jones and Bartlett Learning, LLC, an Ascend Learning Company www.jblearning.com All rights reserved. Summary  Practices and principles of security audits  Ways to monitor systems  Capturing and analyzing log data  Assessing an organization’s security compliance  Monitoring and testing security systems